US government sends warning letter to retailers about ongoing breach investigation

Reuters reports that the U.S. government today sent a confidential 16-page letter to retailers, which it says "describes the malicious software and techniques used to attack Target Corp. late last year."

The letter was written with help from iSIGHT Partners, a cyber intelligence firm with offices in 16 countries. In a blog post yesterday, iSIGHT confirmed that it is working with the U.S. Secret Service on the case, and offered this chilling bit of news:

The identification and dissection of the malicious code provides two immediately important insights:

  1. Recent retailer data breaches may not have been targeted attacks, but may well be part of a broader data theft scheme focused on many operators of point-of-sale systems.
  2. The scope, scale, and reach of recent data breaches is not yet known.

The piece of malicious software that has been identified is named KAPTOXA (pronounced kar-toe-sha), and iSIGHT says it has "potentially infected a large number of retail information systems." We asked iSIGHT's Tiffany Jones, the author of the blog, whether they could give any indication of how many different retailers might be affected, but she was not able to comment, citing an "ongoing investigation."

The first traces of KAPTOXA were noticed by iSIGHT in June 2013. The software "contains a new kind of attack method that is able to covertly subvert network controls and common forensic tactics, concealing all data transfers and executions that may have been run, rendering it harder to detect."

User Comments
  • Milos Dunjic
    I am sure that many tools NSA uses were written by Russians as well. Who originally wrote the software should not really matter. The 'Russian teenager' made his buck by selling the malware to the people who committed the data breach. That is where probably 'Russian connection' ends. James Bond conspiracy won't help payment industry in the US. Who planted it inside the POS terminals, and why Target and its Acquirer processor did not detect the breach in the first place are the main questions. Don't they check the POS software stack digital signature? What about PCI DSS? Is it useless in preventing these kinds of most likely insider type attacks? EMV + end to end unique per txn PAN tokenization (transparent to the merchant, acquirer) is the best deterrence mechanism against credit card collection and usage in online channel. Make the txn info useless to anybody except card issuer and that solves this.
  • Jon von Gunten
    Rolling transaction-authorization passwords solve a lot, but retailers prefer to (so far unsuccessfully) harden network hdw and sfw, rather than slow down store lines or inconvenience customers with that added step. But it's not that hard to implement, and needn't slow lines any more than fishing for a credit card. They're already slowed by debit card users entering personal codes.